NEWS - May 31, 2012
by Carol~ - 5/31/12 9:09 AM
FBI Warns Users of New 'Reveton' Scareware Scam
The FBI is warning consumers about a new scam that's using a piece of malware called Citadel to redirect users to a scam site that installs scareware on their machines and demands a $100 payment to unlock them. The twist in this scam is that it uses the threat of prosecution by the Department of Justice as the prompt to get victims to pay.
The malware is part of a drive-by download attack that's used to install the scareware on users' machines. The attack is not much different from many others that have been in use for the last few years, with the infection routine involving users being sent to a malicious site as the first stage. Typically, the site then uses an exploit against a vulnerability in the user's browser, which then installs the scareware program.
In some cases, scareware will then tell the user that her computer is infected with some piece of malware or other and offers to remove it for a fee, of course. In this case, the scareware hangs the victim's machine and tells the victim that she has violated U.S. law and faces potential prosecution.
"The message further declares the user's IP address was identified by the Computer Crime & Intellectual Property Section as visiting child pornography and other illegal content," the FBI warning says.
Continued : http://threatpost.com/en_us/blogs/fbi-warns-users-new-reveton-scareware-scam-053012
Also: FBI warns of joint threat by ransomware and banking Trojan